Cloud-based security services are gaining momentum as organisations look at smarter ways of managing their security strategies. Enterprise security no longer just encompasses firewalls and antivirus software, but a complex blend of secure e-mail and Web gateways, remote vulnerability assessment, and identity and access management (IAM), to name a few.
This sentiment is echoed by research giant Gartner, who says that cloud-based security services will account for 10% of the enterprise IT security product market by 2015 in the United States and Europe, as the uptake of cloud-based application computing continues to rise.
There is no doubt that South African industries will trail behind this trend and is a promising sign of things to come for service providers with solid cloud-computing expertise.
Jayson O’Reilly, director – Sales and Innovation at DRS, a company that specialises in enterprise-wide security risk management, says: “Cybercrime continues to rise and attacks are becoming more and more sophisticated. However, the lack of skilled IT resources in companies remain a challenge while the need for good governance and due diligence have been key messages in the industry so far this year.
“This greatly heightens an organisations security risk profile. Security compromises have brought many organisations to their knees, losing thousands of rands while internal IT departments scramble to bring their organisations back online.”
He says that even though the economy is growing at a steady pace, cost reduction and total cost of ownership remains top of mind for executives. As a result, Gartner estimates that the cloud-based security services market will reach $4,2-billion by 2016 as organisations harness cloud computing as a means to offset these challenges.
Cloud-based security services allow companies to establish an in-depth approach to their ISMSes (information security management systems) with very little complexity and at a very low cost.
With cloud-based security services, organisations can budget through operating expenditure, rather than through capital expenditure. It also gives them the ability to focus on their business and not constant operational security concerns.
Additionally, cloud-based security services give companies the ability to really understand if they are getting better at securing their intellectual property and their infrastructure in line with good governance practices.
Importantly, overall trust in service providers that have partnered with leading global solution providers and that understand the threat analysis arena, particularly in areas such as rapid response incident management, will put them in good stead in the years to come as cloud computing matures.
“The transition to implementing a cloud solution or strategy can seem daunting but organisations should look at trusted partners in the security industry that can assist with many of their challenges, baseline the cost of security and turn information security into a clear profit centre.
“This is done through effective methodologies that incorporate best practices in planning, deployment and operation that lay the foundation for a cloud solution deployment and management,” adds O’Reilly.
O’Reilly says this is again in line with Gartner’s suggestions that security providers that currently offer only a hardware/software-based solution requiring implementation “should build product road maps that allow customers to move to the cloud at their pace”.